# Login Commands ### Commands: 1. [Login](#login-command) 2. [Logout](#logout-command) 3. [Whoami](#whoami-command) Keeper supports multiple login methodologies, these include ### Authentication Workflow (High-Level) * **Primary Authentication** * Regular account (username + master password) * Cloud SSO (SAML, OIDC) * On-Premises SSO * Managed Company (MSP) login * **Secondary Authentication (2FA)** * TOTP (Google/Microsoft Authenticator) * SMS one-time code * DUO (push, SMS, voice) * RSA SecurID * WebAuthn/U2F (security keys, biometrics) * **Device Approval** * Email link * 2FA challenge * Keeper Push notification ### SDK Authentication Flow 1. **Initialize SDK client/session context** 2. **Select login method** (master password, SSO, MSP) 3. **Handle challenges issued by Keeper** * 2FA challenge * Device approval * Security key prompt 4. **Establish secure session** * Receive encrypted session token * Unlock vault and enterprise APIs ### Login Command Authenticate to start a session.

DotNet CLI

**Command:** `login` **Flag:** * `--password` master password * `--resume` resume last login * `--sso` login using sso provider * `--alt` login using sso master password * `--help` Display this help screen. * `--version` Display version information. * `email (pos. 0)` Required. account email **Example:** ```bash Not logged in> login user@example.com --password 1234567890qwertyuiop ```

DotNet SDK

**Function:** `IAuth.Login` ```csharp public async Task Login(string username, params string[] passwords) ``` **Example:** ```csharp await auth.Login(email, passwds.ToArray()); ```

PowerCommander

**Command:** `Connect-Keeper` \ **Alias :** `kc` **Flag:** * `-Username` * `-Password` * `-NewLogin` * `-Server` * `-Config` * `-SsoPassword` * `-SsoProvider`
**Example:**

PS > Connect-Keeper -Username "your@email.com" -Password (Read-Host -AsSecureString -Prompt "yourpassword")

Python CLI

**Command:** `login` **Flag:** * `-h, --help` : show this help message and exit * `--sso-password` : force master password for SSO accounts * `--resume-session` : resumes current login session * `-p, --pass` : PASSWORD master password
**Example :** ```bash My Vault > login user@example.com --pass qwertyuiop1234567890 ```

Python SDK

Function: [refer here](https://docs.keeper.io/en/keeperpam/commander-cli/commander-installation-setup/developer-mode/commander-sdk-for-python#create-an-application)

### Logout Command Securely log out from the CLI.

DotNet CLI

**Command:** `logout` **Flag:** * `--resume` : resume last login * `--help` : Display this help screen. * `--version` : Display version information. **Example:** ```bash My Vault > logout ```

DotNet SDK

**Function:** `IAuthentication.Logout` ```csharp public virtual async Task Logout() ``` **Example:** ```csharp await DoLogout(); ```

PowerCommander

**Command:** `Disconnect-Keeper` **Aliases:** `kq` **Flag:** * `-Resume` **Example:** ```powershell PS > Disconnect-Keeper PS > kq ```

Python CLI

**Command:** `logout` **Example:** ```bash My Vault > logout ```

Python SDK

**Function:** `close` **Example:** ``` vault.close() keeper_auth.close() ```

### Whoami Command Displays information about the current authenticated user, including username and email.

DotNet CLI

**Command:** `whoami` **Example:** ```bash My Vault > whoami User: user@example.com Server: keepersecurity.com Data Center: US Admin: Yes Account Type: 2 Renewal Date: May 28, 2027 Storage Capacity: 1024GB Storage Usage: 0GB Storage Expires: May 28, 2027 License Type: Keeper for Business License Expires: May 28, 2027 Base Plan: Enterprise BreachWatch: Yes ```

DotNet SDK

**Function:** `Authentication.IAuthContext` **Example:** ```csharp private Task WhoamiCommand(string _) ```

Power Commander

**Command:** `Get-KeeperInformation` **Alias:** `kwhoami` **Example:** ```powershell PS > Get-KeeperInformation User : user@example.com Server : keepersecurity.com Admin : True AccountType : Enterprise RenewalDate : May 28, 2027 StorageCapacity : 1024 StorageUsage : 0 StorageExpires : May 28, 2027 LicenseType : Enterprise EnterpriseName : Example BasePlan : Unknown Expires : 5/28/2027 StorageCapacity : 1TB TotalUsers : 20 ActiveUsers : 6 InvitedUsers : 0 ```

Python CLI

**Command:** `whoami` **Flag** : * `-h, --help` : show this help message and exit * `-v, --verbose` : verbose output **Example:** ```bash My Vault> whoami -v User user@example.com Server keepersecurity.com Data Center US Admin True Account Type Enterprise Renewal Date May 28, 2027 BreachWatch True Reporting & Alerts True Records 11 Shared Folders 11 Teams 11 ```

Python SDK

**Function:** Not Supported

### Get and Set Keeper Password Visible command Displays information about the current authenticated user, including username and email.

DotNet CLI

Not Implemented

DotNet SDK

Not Implemented

Power Commander

**Command:** `Get-KeeperPasswordVisible` Returns current password visibility setting (True or False). **Example:** ```powershell PS > Get-KeeperPasswordVisible True PS > Get-KeeperPasswordVisible False ``` **Command:** `Set-KeeperPasswordVisible` Toggles whether passwords are shown in plaintext or masked when displaying records. **Flags**: \ `-Visible` — When present, passwords are shown in plaintext. When omitted, passwords are masked. **Example:** ```powershell PS > Set-KeeperPasswordVisible -Visible PS > Get-KeeperRecord "MyRecord" # password fields shown in plaintext PS > Set-KeeperPasswordVisible PS > Get-KeeperRecord "MyRecord" # password fields shown as •••••• ```

Python CLI

Not Implemented

Python SDK

Not Implemented

### Show-Two Factor Code command Displays information about the current authenticated user, including username and email.

DotNet CLI

Not Implemented

DotNet SDK

Not Implemented

Power Commander

**Command:** `Show-TwoFactorCode` Description: Generates and displays TOTP codes for records with a oneTimeCode field. Shows code, elapsed, and remaining seconds. **Flags**: \ -Records — Record UID(s) or objects (Required, pipeline) **Example:** ```powershell PS > Show-TwoFactorCode -Records "recordUid123" PS > Get-KeeperRecord -Uid "abcDEF123" | 2fa ``` **Command:** `Set-KeeperPasswordVisible` Toggles whether passwords are shown in plaintext or masked when displaying records. **Flags**: \ `-Visible` — When present, passwords are shown in plaintext. When omitted, passwords are masked. **Example:** ```powershell PS > Set-KeeperPasswordVisible -Visible PS > Get-KeeperRecord "MyRecord" # password fields shown in plaintext PS > Set-KeeperPasswordVisible PS > Get-KeeperRecord "MyRecord" # password fields shown as •••••• ```

Python CLI

Not Implemented

Python SDK

Not Implemented